. A company has systems in the Development and Production. The development systems DS have lower integrity level than the production systems PS. Consider the rights r (read), w (write) and m (manage). Programmers can read, and write to the Development systems, while System Administrators have all rights on both Development and Production systems. 1.5 pages
a. (2 pts) Define the subjects, objects and the access control matrix.
b. (2 pts) Are the read and write rules in Biba’s integrity model satisfied? Explain.
c. (4 pts) Programmers need to troubleshoot a problem in the Production systems. The System Administrators create a new process p in the Production Systems to copy data related to the problem and write to the Development Systems.
• Update the access control matrix with process p.
• Is Biba’s integrity model satisfied? Explain.
d. (2 pts) Can the situation in c) above violate Bell-Lapadula confidentiality model? How would you propose to fix it? ( Is Biba’s integrity model satisfied?)
2. (Bonus 10 pts) Explain why the enforcement rules of the Clark-Wilson model can emulate the Biba model. Give a simple example to illustrate your argument.
Please read the book for the right answers.
answers for the 2nd question should be in one page long.
its for master course, so i expect a good academic work.